CVE-2022-4098
CVSS V2 None
CVSS V3 None
Description
Multiple Wiesemann&Theis products of the ComServer Series are prone to an authentication bypass through IP spoofing. After a user logged in to the WBM of the Com-Server an unauthenticated attacker in the same subnet can obtain the session ID and through IP spoofing change arbitrary settings by crafting modified HTTP Get requests. This may result in a complete takeover of the device.
Overview
- CVE ID
- CVE-2022-4098
- Assigner
- info@cert.vde.com
- Vulnerability Status
- Analyzed
- Published Version
- 2022-12-13T08:15:10
- Last Modified Date
- 2023-03-31T16:12:40
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| AND | ||||
| cpe:2.3:o:wut:com-server_\+\+_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.55 | |
| cpe:2.3:h:wut:com-server_\+\+:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:wut:com-server_20ma_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.55 | |
| cpe:2.3:h:wut:com-server_20ma:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:wut:com-server_highspeed_100basefx_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.78 | |
| cpe:2.3:h:wut:com-server_highspeed_100basefx:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:wut:com-server_highspeed_100baselx_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.78 | |
| cpe:2.3:h:wut:com-server_highspeed_100baselx:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:wut:com-server_highspeed_19\"_1port_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.78 | |
| cpe:2.3:h:wut:com-server_highspeed_19\"_1port:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:wut:com-server_highspeed_19\"_4port_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.78 | |
| cpe:2.3:h:wut:com-server_highspeed_19\"_4port:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:wut:com-server_highspeed_compact_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.78 | |
| cpe:2.3:h:wut:com-server_highspeed_compact:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:wut:com-server_highspeed_industry_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.78 | |
| cpe:2.3:h:wut:com-server_highspeed_industry:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:wut:com-server_highspeed_isolated_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.78 | |
| cpe:2.3:h:wut:com-server_highspeed_isolated:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:wut:com-server_highspeed_oem_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.78 | |
| cpe:2.3:h:wut:com-server_highspeed_oem:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:wut:com-server_highspeed_office_1port_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.78 | |
| cpe:2.3:h:wut:com-server_highspeed_office_1port:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:wut:com-server_highspeed_office_4port_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.78 | |
| cpe:2.3:h:wut:com-server_highspeed_office_4port:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:wut:com-server_highspeed_poe_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.78 | |
| cpe:2.3:h:wut:com-server_highspeed_poe:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:wut:com-server_highspeed_lc_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.55 | |
| cpe:2.3:h:wut:com-server_highspeed_lc:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:wut:com-server_highspeed_poe_3x_isolated_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.55 | |
| cpe:2.3:h:wut:com-server_highspeed_poe_3x_isolated:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:wut:com-server_highspeed_ul_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.55 | |
| cpe:2.3:h:wut:com-server_highspeed_ul:-:*:*:*:*:*:*:* | 0 | OR |
References
| Reference URL | Reference Tags |
|---|---|
| https://cert.vde.com/en/advisories/VDE-2022-057/ |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-4098 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4098 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2022-12-13 08:15:21 | Added to TrackCVE | |||
| 2022-12-13 14:15:29 | 2022-12-13T08:15:10.283 | 2022-12-13T08:15:10 | CVE Published Date | updated |
| 2022-12-13 14:15:29 | 2022-12-13T13:33:15 | CVE Modified Date | updated | |
| 2022-12-13 14:15:29 | Received | Awaiting Analysis | Vulnerability Status | updated |
| 2022-12-14 13:14:44 | Awaiting Analysis | Undergoing Analysis | Vulnerability Status | updated |
| 2022-12-15 20:14:56 | 2022-12-15T19:55:50 | CVE Modified Date | updated | |
| 2022-12-15 20:14:56 | Undergoing Analysis | Analyzed | Vulnerability Status | updated |
| 2022-12-15 20:14:57 | CPE Information | updated | ||
| 2023-01-12 10:19:32 | 2023-01-12T10:15:10 | CVE Modified Date | updated | |
| 2023-01-12 10:19:32 | Analyzed | Modified | Vulnerability Status | updated |
| 2023-01-12 10:19:32 | Multiple Wiesemann&Theis products of the ComServer Series are prone to an authentication bypass through IP spoofing. During an authenticated session to the WBM of the Com-Server an unauthenticated attacker in the same subnet can obtain the session ID and through IP spoofing change arbitrary settings by crafting modified HTTP Get requests. This may result in a complete takeover of the device. | Multiple Wiesemann&Theis products of the ComServer Series are prone to an authentication bypass through IP spoofing. After a user logged in to the WBM of the Com-Server an unauthenticated attacker in the same subnet can obtain the session ID and through IP spoofing change arbitrary settings by crafting modified HTTP Get requests. This may result in a complete takeover of the device. | Description | updated |
| 2023-01-12 17:14:35 | Modified | Undergoing Analysis | Vulnerability Status | updated |
| 2023-03-31 17:12:33 | 2023-03-31T16:12:40 | CVE Modified Date | updated | |
| 2023-03-31 17:12:33 | Undergoing Analysis | Analyzed | Vulnerability Status | updated |